Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft
File:                     TStBlpVqQxU0D4J9mSoPeikoTD4.mft (raw, json)
Hash identifier:          vBojnIVTQeP9zWV6vadWXwqYzODefPhHSro+N4emFNc=
Subject key identifier:   30:74:69:0C:EE:CD:A2:7C:68:E5:F7:E7:54:FC:45:AC:B6:D8:58:62
Authority key identifier: 4D:2B:41:96:95:6A:43:15:34:0F:82:7D:99:2A:0F:7A:29:28:4C:3E
Certificate issuer:       /CN=4d2b4196956a4315340f827d992a0f7a29284c3e
Certificate serial:       0197B7EA833CFA5EC9FD84A97AA98CDF3792
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TStBlpVqQxU0D4J9mSoPeikoTD4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft
Manifest number:          1245
Signing time:             Sat 28 Jun 2025 19:01:28 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:28 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:28 +0000
Files and hashes:         1: TStBlpVqQxU0D4J9mSoPeikoTD4.crl (hash: wNlFJqjxIgs7XcCxItI1Rv/izbBIkINZm7nCOFBw3s8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TStBlpVqQxU0D4J9mSoPeikoTD4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:83:3c:fa:5e:c9:fd:84:a9:7a:a9:8c:df:37:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d2b4196956a4315340f827d992a0f7a29284c3e
        Validity
            Not Before: Jun 28 19:01:28 2025 GMT
            Not After : Jun 29 19:01:28 2025 GMT
        Subject: CN=3074690ceecda27c68e5f7e754fc45acb6d85862
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:28:bf:0a:dd:25:c5:d6:f5:6d:e7:69:fb:2b:
                    6d:15:57:ec:38:c7:fa:7d:68:c3:05:17:0e:59:ad:
                    16:9a:1c:aa:9c:64:23:b6:df:02:c7:97:0e:1f:d1:
                    b8:fa:70:4c:bb:e1:d8:13:e9:f6:9e:00:05:26:a0:
                    8c:60:95:63:3f:ad:07:01:bb:79:b5:d4:f7:3f:be:
                    5a:32:f9:cc:fc:83:4b:44:0c:4e:14:3b:fe:86:da:
                    1d:13:43:89:0f:d9:32:df:40:62:bc:b8:b7:e9:db:
                    59:d2:5b:44:f2:93:7d:b7:5c:b1:b1:98:94:5b:c3:
                    f1:33:0d:b2:fe:b0:4a:72:c3:b6:89:51:c3:34:0c:
                    a5:9d:59:01:57:1c:16:71:47:ef:78:1a:ad:9b:c9:
                    ad:f9:da:b4:15:ed:a0:cf:71:fa:eb:63:1a:93:18:
                    05:0e:68:c7:86:a9:4c:b0:43:f1:34:46:5b:49:04:
                    f4:5d:44:0c:82:f6:de:2f:32:ca:c9:99:75:03:ec:
                    1e:d0:32:27:b7:7f:e4:85:4f:1b:07:f3:af:6a:7d:
                    1c:83:19:06:b6:3a:25:96:ad:2c:2b:2d:f6:27:ac:
                    8d:d9:c7:a8:aa:76:57:09:f1:80:e4:0f:02:81:ab:
                    7a:ca:58:e6:9f:5f:5a:3a:4f:c3:0f:f4:e8:f7:86:
                    7e:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:74:69:0C:EE:CD:A2:7C:68:E5:F7:E7:54:FC:45:AC:B6:D8:58:62
            X509v3 Authority Key Identifier:
                keyid:4D:2B:41:96:95:6A:43:15:34:0F:82:7D:99:2A:0F:7A:29:28:4C:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TStBlpVqQxU0D4J9mSoPeikoTD4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:46:4f:96:80:f4:07:de:a5:ff:6c:f8:28:92:a3:0a:e0:fd:
         2e:a5:ec:51:1d:c6:a1:48:2b:68:04:2b:13:bf:e0:c2:0a:59:
         63:c1:36:4c:c9:3a:53:5e:7a:c0:b1:c9:6b:69:7a:66:3e:7e:
         f8:34:30:50:d2:1c:b3:fe:04:07:4f:38:f1:8e:8e:e5:96:88:
         89:70:89:61:0b:00:cc:6f:a1:a2:8c:72:f2:da:d8:19:ba:87:
         3f:fa:32:8b:94:42:e4:fa:91:c0:25:4d:20:65:56:c8:64:8f:
         73:79:0d:8b:76:60:b0:69:64:d8:4e:8d:76:ef:74:bb:36:f1:
         34:1a:99:b6:3f:d4:dd:9a:8d:02:bc:34:0c:51:89:0c:b4:62:
         74:45:23:b9:4e:ac:3a:b1:a8:e4:89:c9:28:00:19:aa:eb:2c:
         ab:72:23:d8:51:11:59:88:ec:28:3f:23:32:c7:12:76:9a:34:
         46:d7:b2:1d:e7:27:34:5f:11:65:f8:1a:a8:b4:da:f9:21:1d:
         c9:c7:a4:53:04:0b:a5:08:e9:e1:d5:9f:7e:f1:78:1b:98:55:
         e5:47:f9:d8:e3:5d:db:52:0a:97:36:67:30:60:84:07:86:34:
         b7:e9:ec:9f:8a:ce:fd:0e:51:5f:93:18:6a:82:c4:bb:b1:df:
         e1:71:51:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36oM8+l7J/YSpeqmM3zeSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMmI0MTk2OTU2YTQzMTUzNDBmODI3ZDk5MmEwZjdhMjky
ODRjM2UwHhcNMjUwNjI4MTkwMTI4WhcNMjUwNjI5MTkwMTI4WjAzMTEwLwYDVQQD
EygzMDc0NjkwY2VlY2RhMjdjNjhlNWY3ZTc1NGZjNDVhY2I2ZDg1ODYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyi/Ct0lxdb1bedp+yttFVfsOMf6
fWjDBRcOWa0WmhyqnGQjtt8Cx5cOH9G4+nBMu+HYE+n2ngAFJqCMYJVjP60HAbt5
tdT3P75aMvnM/INLRAxOFDv+htodE0OJD9ky30BivLi36dtZ0ltE8pN9t1yxsZiU
W8PxMw2y/rBKcsO2iVHDNAylnVkBVxwWcUfveBqtm8mt+dq0Fe2gz3H662MakxgF
DmjHhqlMsEPxNEZbSQT0XUQMgvbeLzLKyZl1A+we0DInt3/khU8bB/Ovan0cgxkG
tjollq0sKy32J6yN2ceoqnZXCfGA5A8Cgat6yljmn19aOk/DD/To94Z+HwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDB0aQzuzaJ8aOX351T8Ray22FhiMB8GA1UdIwQY
MBaAFE0rQZaVakMVNA+CfZkqD3opKEw+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFN0QmxwVnFReFUwRDRKOW1Tb1BlaWtvVEQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8zYzAyYjktMjVjNC00ODhmLWE5NzUt
NDU1YTBhNjFmMWVhLzEvVFN0QmxwVnFReFUwRDRKOW1Tb1BlaWtvVEQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8zYzAyYjktMjVjNC00ODhmLWE5NzUtNDU1YTBhNjFmMWVh
LzEvVFN0QmxwVnFReFUwRDRKOW1Tb1BlaWtvVEQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApEZPloD0
B96l/2z4KJKjCuD9LqXsUR3GoUgraAQrE7/gwgpZY8E2TMk6U156wLHJa2l6Zj5+
+DQwUNIcs/4EB0848Y6O5ZaIiXCJYQsAzG+hooxy8trYGbqHP/oyi5RC5PqRwCVN
IGVWyGSPc3kNi3ZgsGlk2E6Ndu90uzbxNBqZtj/U3ZqNArw0DFGJDLRidEUjuU6s
OrGo5InJKAAZqussq3Ij2FERWYjsKD8jMscSdpo0RteyHecnNF8RZfgaqLTa+SEd
ycekUwQLpQjp4dWffvF4G5hV5Uf52ONd21IKlzZnMGCEB4Y0t+nsn4rO/Q5RX5MY
aoLEu7Hf4XFRiw==
-----END CERTIFICATE-----